Surprise! Here’s Your New US Bank Debit Card

A blank envelope arrived on Amanda’s doorstep. She almost tossed it aside, since it didn’t say “HEY! I’M IMPORTANT!” on it. She happened to feel a plastic card inside, though, so she opened it up. Inside was her new debit card. That’s good, isn’t it? Amanda doesn’t think so.

The letter from her bank said that they were issuing customers new cards as a pre-emptive measure becacuse of all of the large recent data breaches, even though Amanda’s card number hadn’t turned up in any of the stolen data sets and she hadn’t used it at any retailers that have reported data breaches (yet.)

“The kicker? I had two business days lead time to activate my new card before my current one would stop working,” Amanda wrote to Consumerist. “A little irksome, to say the least.” What if she had been on vacation or out of town, away from her mailbox but dependent on that debit card to get around?

She wrote to us in order to warn other U.S. Bank customers that a new card might be coming, if it hasn’t already. Watch out, especially if you plan to be out of town for more than a few days. “If I’d been gone for a long weekend or accidentally destroyed the new card, my current card would have been canceled and I would have no idea why!” notes Amanda.

We contacted U.S. Bank and asked why they’re automatically deactivating customers’ cards without notifying them first. We’ll update this post if we find out. We heard back from US Bank: they say that it’s a compromise between customer safety and not leaving their customers cardless. Here’s their statement:

U.S. Bank takes customer fraud protection seriously. We recently reissued credit and debit cards where account numbers were among those compromised in mass data breaches, even if the account did not show fraud yet. This is a safety measure to protect customers from future fraud.

We balance the time we give customers to activate new cards with the need to close old cards quickly; the longer the compromised card is open, the greater risk of fraud, so sometimes the period between receiving a new card and activation is short.

We encourage customers to provide their mobile number and use our email or text alert features so they can take immediate action in the event of fraud or if there is an issue with the card they are currently using. These data security measures are standard industry practice and done in the best interest of our customers.

Comments

Edit Your Comment

Actually, when I get replacement cards, my bank sends them from a completely different return address that doesn’t include the institution name, and in completely plain, unmarked and unremarkable letter-sized envelopes. They have told me this is to make them a less conspicuous target to anyone who might casually see your mail. It’s a security measure. Now, they also inform me via email about any replacements ahead of time, and that’s where I think US Bank screwed up. But if they waited, there might have been (more?) unauthorized charges showing up on the compromised accounts, and then people would have been upset about that.

Is it possible they sent her an email notification and she either didn’t read it or it went to her junk mail? Considering she was going to just toss the envelope in the trash without checking it, I’d wouldn’t be surprised to find she ignores emails from her bank.

when my credit union replaced my cards recently i got letters from them a few days in advance of the card arriving, and while they use an in-account online messaging system, there were no messages in my account inbox. i apparently threw away the debit card replacement letter because the new card was a complete surprise to me and when i called they said i should have gotten a letter. i got the letter for the credit card though

Capital One replaced my credit card recently also, but I got a letter and an email saying they were going to do it, an email when they actually mailed the new card, and another email reminding me to activate my new card before the deadline. Worked pretty well… it’s easy to ignore an email, harder to ignore a letter and three emails. US Bank also owns a very large credit card portfolio; I wonder if they are replacing all of those as well as the debit cards?

I never throw away mail without opening it to make sure there’s no personal information that can be used for identity theft. If there is, I shred it. Hard to miss a new card or notifications under those conditions. The OP should worry about tossing out identity information as well.